pf's states
Victor Sudakov
vas at sibptus.ru
Tue Dec 3 09:15:14 UTC 2019
Dave Cottlehuber wrote:
> TLDR add log to the rules, then start pflog,use wireshark or tcpdump
> on the pflog interface and you can see exactly which rule is applied
> to that packet.
It's not that the wrong rules are being applied, there are 2-3 rules in
total in the whole lab, they are easy to monitor with rule counters.
It's the state being created from the rules that confuses me. And the
state if visible in "pfctl -s states".
The problem is that either I'm confused about how pf state works, or the
documentation is misleading/incomplete.
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
2:5005/49 at fidonet http://vas.tomsk.ru/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-pf/attachments/20191203/c55b4d0c/attachment.sig>
More information about the freebsd-pf
mailing list